summaryrefslogtreecommitdiff
path: root/internal/wireguard/wireguard.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/wireguard/wireguard.go')
-rw-r--r--internal/wireguard/wireguard.go97
1 files changed, 6 insertions, 91 deletions
diff --git a/internal/wireguard/wireguard.go b/internal/wireguard/wireguard.go
index b156430..d2a0ae0 100644
--- a/internal/wireguard/wireguard.go
+++ b/internal/wireguard/wireguard.go
@@ -3,115 +3,30 @@ package wireguard
import (
"errors"
- "fmt"
- "net"
"codeberg.org/eduVPN/eduvpn-common/internal/wireguard/ini"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
-func availableTCPPort() (int, error) {
- tcpaddr, err := net.ResolveTCPAddr("tcp", "127.0.0.1:0")
- if err != nil {
- return -1, err
- }
- ltcp, err := net.ListenTCP("tcp", tcpaddr)
- if err != nil {
- return -1, err
- }
- defer ltcp.Close() //nolint:errcheck
- return ltcp.Addr().(*net.TCPAddr).Port, nil
-}
-
-func availableUDPPort() (int, error) {
- udpaddr, err := net.ResolveUDPAddr("udp", "127.0.0.1:0")
- if err != nil {
- return -1, err
- }
- ludp, err := net.ListenUDP("udp", udpaddr)
- if err != nil {
- return -1, err
- }
- defer ludp.Close() //nolint:errcheck
- return ludp.LocalAddr().(*net.UDPAddr).Port, nil
-}
-
-// Proxy is the proxyguard information
-type Proxy struct {
- // SourcePort is the source port of the TCP socket
- SourcePort int
- // ListenPort is the PORT of the udp listener
- ListenPort int
- // Peer is the hostname/ip:port of the WireGuard peer
- Peer string
-}
-
-// Config gets a wireguard config with API config `cfg`, wg key `key` and whether to use proxyguard `proxy`
-func Config(cfg string, key *wgtypes.Key, proxy bool) (string, *Proxy, error) {
+// Config places a WireGuard key `key` inside of the WireGuard config `cfg`
+func Config(cfg string, key *wgtypes.Key) (string, error) {
// the key is nil if the client does not accept WireGuard
if key == nil {
- return "", nil, errors.New("the server sent us a WireGuard profile but the client does not accept WireGuard")
- }
-
- var tcpp int
- var udpp int
- var err error
- var udpl string
-
- if proxy {
- tcpp, err = availableTCPPort()
- if err != nil {
- return "", nil, err
- }
- udpp, err = availableUDPPort()
- if err != nil {
- return "", nil, err
- }
- udpl = fmt.Sprintf("127.0.0.1:%d", udpp)
- }
-
- rcfg, peer, err := configReplace(cfg, *key, udpl)
- if err != nil {
- return "", nil, err
- }
- var retP *Proxy
- if proxy {
- retP = &Proxy{
- SourcePort: tcpp,
- ListenPort: udpp,
- Peer: peer,
- }
+ return "", errors.New("the server sent us a WireGuard profile but the client does not accept WireGuard")
}
- return rcfg, retP, nil
-}
-// ConfigReplace replaces the wireguard config with our private key and proxy in case of TCP
-func configReplace(cfg string, key wgtypes.Key, proxy string) (string, string, error) {
// first parse the config
secs := ini.Parse(cfg)
if secs.Empty() {
- return "", "", errors.New("parsed ini is empty")
+ return "", errors.New("parsed ini is empty")
}
// find the interface section
// and set the private key
is, err := secs.Section("Interface")
if err != nil {
- return "", "", err
+ return "", err
}
is.AddOrReplaceKeyValue("PrivateKey", key.String())
- peer := ""
- if proxy != "" {
- ps, err := secs.Section("Peer")
- if err != nil {
- return "", "", err
- }
- peer, err = ps.RemoveKey("ProxyEndpoint")
- if err != nil {
- return "", "", err
- }
- ps.AddOrReplaceKeyValue("Endpoint", proxy)
- }
-
- return secs.String(), peer, nil
+ return secs.String(), nil
}